CN107154920A - Encryption method and decryption method for security information, and reception device for receiving security information - Google Patents
- Publication number
- CN107154920A CN201610122091.5A
- Authority
- CN
- China
- Legal status
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0478—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
Abstract
The present invention relates to an encryption method for security information, comprising: performing a first cryptographic operation on the information content and a time code to produce a verification code; performing a second cryptographic operation on the information content, the time code and the verification code to produce an encrypted field; and combining a non-encrypted field with the encrypted field to form the security information. With the encryption method, the decryption method and the reception device for receiving security information according to embodiments of the invention, only the corresponding reception device can decrypt the security information, using a specific decryption key; the reception device can confirm from the verification code, the time code and the information content in the security information whether the security information has been tampered with, and executes the information content only after confirming that it has not, which improves the security and privacy of the overall information service. In addition, the reception device can confirm from the time code in the security information whether the security information has exceeded its validity period, which further improves the security of the overall information service.
Description
【Technical field】
The present invention relates to an encryption method and a decryption method for information and a reception device for receiving information, and in particular to an encryption method and a decryption method for security information that improve security and privacy, and a reception device for receiving security information.
【Background】
With the development of communication technology, today's mobile communication has not only broken through the limitations of traditional fixed-line communication but has also promoted the use of all kinds of mobile communication devices. Among the services offered in mobile communication, the message service (Short Message Service) can serve as an alternative to calling someone directly, and it therefore remains one of the indispensable services of mobile communication.
As the technology has developed, the content that a message service can carry has also grown richer: from the earlier service that could carry only text, it has evolved into one that can also carry multimedia files such as photos, sound and video, for example the Multimedia Message Service (MMS).
The message service systems of today's mobile devices still have many shortcomings in the privacy and security of messages. For example, because the message service system is an application, the content of a message can still be intercepted by software built into the mobile device, with the risk that it is copied to other devices without authorization. Further, the content of a message in a typical message service system is usually plaintext, neither encrypted nor converted to another format, so it is easily cracked by a third party. Further, a typical message service system does not confirm the intended destination of a message, so when a message meant for a first device is delivered to a second device, the second device can still receive and read the misdelivered message, which is a security hole. Further, a typical message service system directly executes any received message that contains an executable instruction without checking the sender, so a third party could easily control the mobile device through a message. Further, a typical message service system does not evaluate the sending time of a message, so the same message could affect the mobile device repeatedly.
【Summary of the invention】
In view of this, the present invention provides an encryption method and a decryption method for security information and a reception device for receiving security information. Two stages of encryption produce security information with a special format, so that a reception device that receives the security information must decrypt it with the corresponding decryption operation before its information content can be read, which improves the security and privacy of the overall information service.
In one embodiment, an encryption method for security information comprises: performing a first cryptographic operation on the information content and a time code to produce a verification code; performing a second cryptographic operation on the information content, the time code and the verification code to produce an encrypted field; and combining a non-encrypted field with the encrypted field to form the security information.
In one embodiment, a decryption method for security information, suitable for a reception device, comprises: receiving the security information; confirming from the non-encrypted field that the information format is supported by the reception device; decrypting the encrypted field in the security information with a decryption key to obtain the verification code, the time code and the information content; confirming from the verification code, the time code and the information content that the security information has not been tampered with; and, when the security information has not been tampered with, executing the information content. The security information comprises the non-encrypted field and the encrypted field, and the information format is a format specific to the security information.
In one embodiment, a reception device for receiving security information comprises a receiving unit, a processing unit and an execution unit. The receiving unit receives the security information and confirms that the information format of the security information is supported by the reception device. The security information comprises a non-encrypted field and an encrypted field. The processing unit decrypts the encrypted field in the security information with a decryption key to obtain the verification code, the time code and the information content, and confirms from the verification code, the time code and the information content that the security information has not been tampered with. The execution unit executes the information content after it is confirmed that the security information has not been tampered with.
In summary, in the encryption method, the decryption method and the reception device for receiving security information according to embodiments of the invention, the verification code produced by encrypting the information content and the time code is subjected, together with the information content and the time code, to a further encryption operation, producing security information with two stages of encryption protection. Only the corresponding reception device can decrypt the security information, using a specific decryption key; the reception device can confirm from the verification code, the time code and the information content in the security information whether the security information has been tampered with, and executes the information content only after confirming that it has not, which improves the security and privacy of the overall information service. In addition, the reception device can confirm from the time code in the security information whether the security information has exceeded its validity period, which further improves the security of the overall information service.
The detailed features and advantages of the invention are described in the embodiments below in enough detail for anyone skilled in the relevant art to understand the technical content of the invention and implement it accordingly; from the content disclosed in this specification, the claims and the drawings, anyone skilled in the relevant art can readily understand the related objects and advantages of the invention.
【Brief description of the drawings】
Fig. 1 is a block diagram of the sending device and the reception device of one embodiment of the invention.
Fig. 2 is a schematic diagram of the format of the security information of one embodiment of the invention.
Fig. 3 is a flowchart of the encryption method for security information of one embodiment of the invention.
Fig. 4 is a flowchart of the decryption method for security information of the first embodiment of the invention.
Fig. 5 is a flowchart of the sub-steps of step S24 in Fig. 4.
Fig. 6 is a flowchart of the decryption method for security information of the second embodiment of the invention.
Fig. 7 is a flowchart of the sub-steps of step S34 in Fig. 6.
Fig. 8 is a flowchart of the sub-steps of step S35 in Fig. 6.
【Detailed description】
Fig. 1 is a block diagram of the sending device and the reception device of one embodiment of the invention. The communication system comprises a reception device 100 and a sending device 200, which can communicate with each other (transmitting information wirelessly). The reception device 100 comprises a receiving unit 110, a processing unit 120 and an execution unit 130, with the processing unit 120 coupled to the receiving unit 110 and the execution unit 130. The sending device 200 comprises a receiving unit 210, a processing unit 220 and a transmitting unit 230, with the processing unit 220 coupled to the receiving unit 210 and the transmitting unit 230. When the sending device 200 is to send a piece of information to the reception device 100, it first encrypts that information (hereinafter, the information content) according to the encryption method for security information M1 of any embodiment to generate the security information M1, and then outputs it wirelessly to the receiving unit 110 of the reception device 100. After the receiving unit 110 receives the security information M1, the security information M1 can be decrypted according to the decryption method for security information M1 of any embodiment to obtain the information content from the sending device 200.
The reception device 100 and the sending device 200 can each be a mobile phone, a computer and so on. In addition, the processing unit 120 of the reception device 100 and the processing unit 220 of the sending device 200 can each be a system-on-a-chip (SoC), a central processing unit (CPU), a microcontroller (MCU) and so on, but the invention is not limited to these.
Fig. 2 is a schematic diagram of the format of the security information of one embodiment of the invention. The security information M1 consists mainly of a non-encrypted field C1 and an encrypted field C2. The encrypted field C2 comprises a verification code C21, a time code C22 and information content C23, and the verification code C21 is further divided into at least two verification segments (hereinafter the first verification segment C211 and the second verification segment C212). Note that the number of bits in the first verification segment C211 and the number of bits in the second verification segment C212 can each be adjusted flexibly. For example, when the verification code C21 has 32 bits, the first verification segment C211 and the second verification segment C212 can have 16 bits each, or the first verification segment C211 can have 20 bits and the second verification segment C212 12 bits, or the first verification segment C211 can have 10 bits and the second verification segment C212 22 bits.
Fig. 3 is a flowchart of the encryption method for security information of one embodiment of the invention. In step S11, the encryption method for the security information M1 performs a first cryptographic operation on the information content C23 and the time code C22 to produce the verification code C21. For example, in one embodiment of step S11, the sending device 200 uses its processing unit 220 to apply the first cryptographic operation to the information content C23 received by the receiving unit 210 and to the time code C22, producing the corresponding verification code C21. The information content C23 is the information entered by the user, for example "Hello", and its length depends entirely on the length of the message the user enters.
Here, the first cryptographic operation is the first stage of encryption protection of the security information M1. It converts the information content C23 and the time code C22, which are of non-fixed length, into a value of fixed length, for example a 32-bit verification code C21.
In some embodiments, the first cryptographic operation can be a cyclic redundancy check (CRC) operation, for example a message-digest algorithm such as MD5, MD4 or MD3, or a Secure Hash Algorithm (SHA) such as SHA-3, SHA-2 or SHA-1. The invention is not limited to these, however; the first cryptographic operation can be any algorithm that converts information of non-fixed length into a code of fixed length.
Next, in step S12, a second cryptographic operation is performed on the information content C23, the time code C22 and the verification code C21 to produce the encrypted field C2. The time code C22 lets the reception device 100 check the timeliness of the information content C23, and the verification code C21 lets the reception device 100 check the correctness of the information content C23 and the time code C22, to prevent a third party from maliciously modifying the information content C23. In some embodiments, the time code C22 can comprise a sending time and a validity period. The sending time can be the time at which the user presses the send key after completing the information content C23, or a sending date scheduled by the user. The validity period can be a specific date, for example December 31, 2016, or a specific length of time, for example 7 days.
In one embodiment of step S12, the sending device 200 uses its processing unit 220 to apply the second cryptographic operation to the first verification segment C211, the time code C22, the information content C23 and the second verification segment C212, producing the corresponding encrypted field C2. The second cryptographic operation is the second stage of encryption protection of the security information M1. It converts the first verification segment C211, the time code C22, the information content C23 and the second verification segment C212 from plaintext into ciphertext, concealing the real content so that it is not leaked in transit. In some embodiments, the second cryptographic operation can be the Advanced Encryption Standard (AES), the RSA encryption algorithm, the Caesar cipher and so on. The invention is not limited to these, however; the second cryptographic operation can be any algorithm that converts plaintext into ciphertext.
Finally, in step S13, the non-encrypted field C1 and the encrypted field C2 are combined into the security information M1. In one embodiment of step S13, the sending device 200 uses its processing unit 220 to combine the encrypted field C2, which has been converted into ciphertext, with the non-encrypted field C1 to form the security information M1, and then sends the security information M1 out through the transmitting unit 230. The non-encrypted field C1 is what is generally called a header, and it lets the reception device 100 recognize whether its system supports the information format of this security information M1. In some embodiments, the information format can be a plain-text information format, a multimedia information format and so on.
A technical feature of the invention is that the first verification segment C211 and the second verification segment C212 can be interleaved with the information content C23 and the time code C22 to increase the protection strength of the security information M1. For example, the first verification segment C211, the time code C22, the second verification segment C212 and the information content C23 can be arranged in that order, so that the time code C22 is separated from the information content C23. The invention is not limited to this, however. In another aspect, as shown in Fig. 2, the first verification segment C211, the time code C22, the information content C23 and the second verification segment C212 are arranged in that order; in other words, the time code C22 and the information content C23 lie between the first verification segment C211 and the second verification segment C212. In each of the foregoing aspects, the positions of the time code C22 and the information content C23 can be swapped, and the positions of the first verification segment C211 and the second verification segment C212 can also be swapped.
Fig. 4 is a flowchart of the decryption method for security information of the first embodiment of the invention. Referring to Fig. 1, Fig. 2 and Fig. 4, the decryption method for the security information M1 comprises: receiving the security information (step S21); confirming from the non-encrypted field C1 that the information format is supported by the reception device 100 (step S22); decrypting the encrypted field C2 in the security information M1 with a decryption key to obtain the verification code C21, the time code C22 and the information content C23 (step S23); confirming whether the security information M1 has been tampered with (step S24); and, when the security information M1 has not been tampered with, executing the information content C23 (step S26).
In one embodiment of step S21, the reception device 100 receives the security information M1 from the sending device 200 through the receiving unit 110. The security information M1 comprises the non-encrypted field C1 and the encrypted field C2 in sequence. Here, the security information M1 is sent from the sending device 200 to the reception device 100 as a packet.
In one embodiment of step S22, because the non-encrypted field C1 in the security information M1 is plaintext (that is, it has not been encrypted), the receiving unit 110 of the reception device 100 can judge directly from the non-encrypted field C1 of the security information M1 whether it supports the information format of this security information M1.
When the receiving unit 110 of the reception device 100 judges from the non-encrypted field C1 that this security information M1 is in an information format supported by the reception device 100, step S23 follows. Conversely, when it judges that this security information M1 is not in an information format supported by the reception device 100, the security information M1 is discarded (step S27). Here, the reception device 100 can discard the security information M1 by having the receiving unit 110 reject it directly.
In one embodiment of step S23, because the encrypted field C2 in the security information M1 is ciphertext (that is, it has been encrypted) and cannot be read directly, the processing unit 120 of the reception device 100 must decrypt the encrypted field C2 in the security information M1 with a pre-stored decryption key, converting the encrypted field C2 into plaintext to obtain the verification code C21, the time code C22 and the information content C23 that it contains.
In some embodiments, multiple decryption keys can be pre-stored in the reception device 100, and the processing unit 120 of the reception device 100 can try each decryption key in turn to test whether any of them can decrypt the encrypted field C2 of the security information M1.
When the processing unit 120 can decrypt the encrypted field C2 with a decryption key and obtain the verification code C21, the time code C22 and the information content C23, the reception device 100 has the decryption key corresponding to this security information M1 and is a legitimate (correct) receiver, and the sending device 200 that sent this security information M1 is also a legitimate (correct) sender. Step S24 then follows.
Conversely, when the processing unit 120 cannot decrypt the encrypted field C2 with any decryption key, the reception device 100 does not have the decryption key corresponding to this security information M1 and may be an illegitimate (incorrect) receiver, or the sending device 200 that sent this security information M1 is an illegitimate (incorrect) sender. Step S27 then follows, and this security information M1 is discarded.
In one embodiment of step S24, the processing unit 120 of the reception device 100 checks the verification code C21, the time code C22 and the information content C23 obtained by decrypting with the decryption key, to confirm whether this security information M1 has been maliciously tampered with by a third party. The verification code C21 is used to verify the correctness of the information content C23 and the time code C22, the time code C22 is used to verify the timeliness of the information content C23, and the information content C23 is the content of the information being received.
In some embodiments, the verification code C21 in the security information M1 is divided into at least two verification segments (hereinafter the first verification segment C211 and the second verification segment C212), as shown in Fig. 2. The time code C22 and the information content C23 lie between the first verification segment C211 and the second verification segment C212. The number of bits in the first verification segment C211 and the number of bits in the second verification segment C212 can each be adjusted flexibly.
Therefore, before confirming whether the security information M1 has been tampered with, the processing unit 120 of the reception device 100 must first combine the first verification segment C211 and the second verification segment C212 into one complete verification code C21. Here, the processing unit 120 appends the second verification segment C212 to the end of the first verification segment C211, so that the most significant bit (MSB) of the second verification segment C212 follows the least significant bit (LSB) of the first verification segment C211.
Fig. 5 is a flowchart of the sub-steps of step S24 in Fig. 4. Referring to Fig. 5, in some embodiments of step S24, the processing unit 120 performs a cryptographic operation on the time code C22 and the information content C23 to obtain a check code (step S24a), and then compares the verification code C21 with the check code (step S24b). When the comparison shows that the verification code C21 matches the check code, the processing unit 120 determines that the security information M1 has not been tampered with (step S24c). Conversely, when the comparison shows that the verification code C21 does not match the check code, the processing unit 120 determines that the security information M1 has been tampered with (step S24d).
In one embodiment of step S24a, the processing unit 120 of the reception device 100 applies a cryptographic operation to the time code C22 and the information content C23 to obtain the corresponding check code. The check code has a fixed length, and its bit length should be the same as the bit length of the verification code C21.
In some embodiments, this cryptographic operation can be a cyclic redundancy check (CRC) operation. Because the same information content processed by the same algorithm should produce the same code, the type of cryptographic operation used by the processing unit 120 of the reception device 100 is the same as the type of the first cryptographic operation used by the processing unit 220 of the sending device 200, so that the result can be compared with the verification code C21 in the subsequent step S24b. For example, if the first cryptographic operation used by the processing unit 220 of the sending device 200 is SHA-3, the cryptographic operation used by the processing unit 120 of the reception device 100 should also be SHA-3.
Next, in one embodiment of step S24b, the processing unit 120 of the reception device 100 compares the check code obtained in step S24a with the verification code C21 in the security information M1, and judges whether the security information M1 has been tampered with by confirming whether the check code matches the verification code C21 exactly.
When the processing unit 120 confirms that the verification code C21 matches the check code, step S24c is performed and the processing unit 120 determines that the security information M1 has not been tampered with. Here, after determining that the security information M1 has not been tampered with, the processing unit 120 also sends the security information M1 to the execution unit 130 so that step S26 can follow.
In step S26, the execution unit 130 of the reception device 100 receives the security information M1 from the processing unit 120 and executes the information content C23 in the security information M1.
Conversely, when the processing unit 120 confirms that the verification code C21 does not match the check code, step S24d follows and the processing unit 120 determines that the security information M1 has been tampered with. Here, after determining that the security information M1 has been tampered with, the processing unit 120 does not send the security information M1 to the execution unit 130; step S27 follows and the security information M1 is discarded.
Fig. 6 is the flow chart of the decryption method of the security information of second embodiment of the invention.In some embodiments
In, refer to Fig. 1, Fig. 2 and Fig. 6.Security information M1 decryption method comprising receive security information (step S31),
According to non-encrypted field C1 confirm reception device 100 supported information format (step S32), using decrypt it is close
Encrypted fields C2 in security information M1 is decrypted key, to be verified a yard C21, time code C22 and letter
Whether breath content C23 (step S33), confirmation security information M1 believe by (step S34), confirmation safety is altered
Cease whether M1 exceedes effective time limit (step S35), and when security information M1 is not altered and security information
During not less than effective time limit, execution information content C23 (step S36).
The flow chart that Fig. 7 is covered by the step S34 in Fig. 6.Referring to Fig. 7, in step S34 some implementations
In example, processing unit 120 performs cryptographic calculation to obtain check code according to time code C22 and information content C23
(step S34a), then comparison code C21 and check code (step S34b).When the result of comparison is checking
When code C21 is consistent with check code, processing unit 120 judges that security information M1 does not meet with altering (step S34c).Instead
It, when the result of comparison is not consistent for identifying code C21 with check code, processing unit 120 then judges safety letter
Breath M1 is by altering (step S34d).
Hereinafter, because step S31, step S32, step S33, step S34, step S36 and step S37 are big
In cause respectively with foregoing step S21, step S22, step S23, step S24, step S26 and step S27
It is identical, therefore some steps are no longer described in detail under.
Compared to foregoing embodiment, step S35 more than the decryption method in the security information M1 shown in this,
And step S36 execution prerequisite system need to meet step S34, step S35 content, that is, having only when true
Recognize security information M1 not meet with altering (that is, step S34) and confirm security information M1 not less than effective time limit (i.e.,
Step S35) when, the execution step that just continues S36.
In addition, in the flow chart that Fig. 6 is painted, though it is to first carry out just to perform step S35 after step S34, this
Invention is not so limited, and step S34 and step S35 execution sequence is actually interchangeable, or even this
Two steps also can be performed synchronously.
Hereinafter, it is that the flow order painted according to Fig. 6 is illustrated, and only enters since step S35 part
Row explanation is (i.e., it is assumed that have confirmed that the information format that security information M1 is supported by reception device 100, and may be used
Security information M1 is decrypted by decruption key, and has confirmed that security information is not altered).And other are walked
Rapid S31, step S32, step S33 and step S34 then see foregoing step S21, step S22, step
S23 and step S24.
In an embodiment of step S35, processing unit 120 can confirm whether security information M1 has exceeded the effective time limit according to the current time of reception device 100 and time code C22. Here, time code C22 can include the sending time of security information M1 and the effective time limit. The sending time can be the point in time at which the user presses the send key after completing information content C23, or a sending date preset by the user; the effective time limit can be a specific date or a specific period.
Fig. 8 is a flowchart of step S35 in Fig. 6. Referring to Fig. 8, in some embodiments of step S35, processing unit 120 can capture the current time of reception device 100 (step S35a) and calculate a time difference from the current time and the sending time (step S35b). Processing unit 120 then compares the time difference with the effective time limit (step S35c); when the time difference is less than or equal to the effective time limit, processing unit 120 determines that security information M1 has not exceeded the effective time limit (step S35d). Otherwise, the processing unit determines that security information M1 has exceeded the effective time limit (step S35e).
In step S35a, processing unit 120 can capture the current time of reception device 100. The current time can be the point in time at which processing unit 120 performs the capture, for example February 1, 2016.
In some embodiments, processing unit 120 can obtain the current time of reception device 100 through a network module (not shown) and/or a positioning module (not shown) of reception device 100. Here, the network module can be wireless network, Wi-Fi, etc., and the positioning module can be the Global Positioning System (GPS).
In step S35b, processing unit 120 can calculate a time difference from the current time obtained in step S35a and the sending time of security information M1 contained in time code C22.
For example, assuming that the sending time contained in time code C22 of security information M1 is January 30, 2016, and the current time captured by processing unit 120 is February 1, 2016, processing unit 120 calculates from the current time and the sending time that the time difference is 3 days (counting the starting day).
Although days are used here as the smallest unit of the current time and the sending time, the invention is not limited to this; the smallest unit of the current time and the sending time can also be as fine as hours, minutes or even seconds.
In step S35c, processing unit 120 can compare the time difference calculated in step S35b with the effective time limit contained in time code C22 of security information M1, to confirm whether security information M1 has exceeded the effective time limit.
For example, assuming that the calculated time difference is 3 days and the effective time limit contained in time code C22 is 7 days, processing unit 120, after comparing the time difference with the effective time limit, determines that security information M1 has not yet exceeded the effective time limit and is still valid.
Therefore, only after security information M1 is confirmed in step S34 not to have been tampered with and confirmed in step S35 not to have exceeded the effective time limit does execution continue to step S36.
In step S36, execution unit 130 of reception device 100 can receive security information M1 from processing unit 120 and execute information content C23 in security information M1.
Conversely, when processing unit 120 confirms that the obtained time difference is less than or equal to the effective time limit, step S35d is performed, and processing unit 120 can determine that security information M1 has not exceeded the effective time limit. For example, assuming that the calculated time difference is 3 days and the effective time limit contained in time code C22 is 1 day, processing unit 120, after comparing the time difference with the effective time limit, determines that security information M1 has exceeded the effective time limit and is no longer valid.
Therefore, after step S35d is performed, execution can continue to step S37, and security information M1 is discarded.
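The receiver-side checks of steps S34 and S35, as an added example that is not code from the patent. It works on the already-decrypted encrypted field and assumes a constructed byte layout (8-byte sending time and 4-byte effective time limit, both in seconds), SHA-256 as the first encryption operation, section lengths counted in bytes, and a 300-second clock-skew tolerance that the page does not describe; all function names are hypothetical.

```python
import hashlib
import hmac
import struct
from datetime import datetime, timedelta, timezone

DIGEST_LEN = 32                   # SHA-256 output; the two section lengths always sum to this
TIME_CODE = struct.Struct(">QI")  # assumed layout: sending time (epoch s), effective limit (s)
MAX_SKEW_S = 300                  # assumed tolerance for a sending time ahead of the local clock


def build_plaintext(content, sent, limit, first_len):
    """Sender side: place time code + content between the two verification sections."""
    time_code = TIME_CODE.pack(int(sent.timestamp()), int(limit.total_seconds()))
    code = hashlib.sha256(time_code + content).digest()
    return code[:first_len] + time_code + content + code[first_len:]


def check_plaintext(plaintext, first_len, now):
    """Receiver side, after decryption. Returns (verdict, content or None)."""
    if not 0 <= first_len <= DIGEST_LEN or len(plaintext) < DIGEST_LEN + TIME_CODE.size:
        return "discard: malformed", None
    body_end = len(plaintext) - (DIGEST_LEN - first_len)
    verification = plaintext[:first_len] + plaintext[body_end:]
    body = plaintext[first_len:body_end]        # time code followed by content

    # S34a/S34b: recompute the check code and compare it with the verification code.
    # The digest is unkeyed, as on the page: tamper detection rests on the outer
    # encryption layer. compare_digest avoids a timing-dependent comparison.
    check = hashlib.sha256(body).digest()
    if not hmac.compare_digest(check, verification):
        return "discard: tampered", None        # S34d -> S37

    # S35a-S35c: time difference between the receiver clock and the sending time.
    sent_ts, limit_s = TIME_CODE.unpack_from(body)
    diff = int(now.timestamp()) - sent_ts
    if diff < -MAX_SKEW_S:
        return "discard: sent in future", None  # added check, not in the page
    if diff > limit_s:
        return "discard: expired", None         # S35e -> S37
    return "execute", body[TIME_CODE.size:]     # S35d -> S36


if __name__ == "__main__":
    sent = datetime(2016, 1, 30, tzinfo=timezone.utc)  # constructed sample values
    now = datetime(2016, 2, 1, tzinfo=timezone.utc)
    msg = build_plaintext(b"display notice 7", sent, timedelta(days=7), first_len=10)
    print(check_plaintext(msg, 10, now))
    stale = build_plaintext(b"display notice 7", sent, timedelta(days=1), first_len=10)
    print(check_plaintext(stale, 10, now))
    forged = bytearray(msg)
    forged[10 + TIME_CODE.size - 1] ^= 0xFF            # change the time limit field
    print(check_plaintext(bytes(forged), 10, now))
```

The receiver must know the same `first_len` as the sender; a mismatched split reassembles a different verification code and the message is discarded as tampered.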
In summary, in the encryption method for security information, the decryption method, and the reception device for receiving security information according to an embodiment of the invention, the verification code produced by encrypting the information content and the time code is subjected, together with the information content and the time code, to a further encryption operation. This produces security information with two-stage encryption protection, so that only the corresponding reception device can decrypt the security information with a specific decryption key. The reception device can confirm from the verification code, the time code and the information content in the security information whether the security information has been tampered with, and executes the information content only after confirming that it has not, which improves the security and privacy of the overall information service. In addition, the reception device can confirm from the time code in the security information whether the security information has exceeded the effective time limit, which further improves the security of the overall information service.
The technical content of the invention is disclosed above by way of preferred embodiments, which are not intended to limit the invention. Minor changes and refinements made by anyone skilled in the art without departing from the spirit of the invention shall fall within the scope of the invention; the scope of protection of the invention is therefore defined by the appended claims.
Claims (21)
1. An encryption method for security information, characterized by comprising:
performing a first encryption operation according to an information content and a time code to produce a verification code;
performing a second encryption operation according to the information content, the time code and the verification code to produce an encrypted field; and
combining a non-encrypted field and the encrypted field into the security information.
2. The encryption method for security information as claimed in claim 1, characterized in that the verification code comprises a first verification section and a second verification section, and the time code and the information content are located between the first verification section and the second verification section.
3. The encryption method for security information as claimed in claim 2, characterized in that the sum of the numbers of digits of the first verification section and the second verification section is a fixed value, and the number of digits of each of the first verification section and the second verification section can be flexibly adjusted.
4. The encryption method for security information as claimed in claim 1, characterized in that the time code comprises a sending time and an effective time limit.
5. The encryption method for security information as claimed in claim 1, characterized in that the first encryption operation is one of a message digest algorithm and a secure hash algorithm.
6. The encryption method for security information as claimed in claim 5, characterized in that the second encryption operation is one of the Advanced Encryption Standard, the RSA encryption algorithm, and the Caesar cipher.
7. A decryption method for security information, applicable to a reception device, characterized in that the decryption method comprises:
receiving the security information, wherein the security information comprises a non-encrypted field and an encrypted field;
confirming, according to the non-encrypted field, that the security information is in an information format supported by the reception device, the information format being a format specific to the security information;
decrypting the encrypted field in the security information with a decryption key to obtain a verification code, a time code and an information content;
confirming, according to the verification code, the time code and the information content, that the security information has not been tampered with; and
executing the information content when the security information has not been tampered with.
8. The decryption method for security information as claimed in claim 7, characterized in that the step of confirming, according to the verification code, the time code and the information content, that the security information has not been tampered with further comprises the following steps:
performing an encryption operation according to the time code and the information content to obtain a check code;
comparing the verification code with the check code; and
determining that the security information has not been tampered with when the verification code matches the check code.
9. The decryption method for security information as claimed in claim 7, characterized in that the time code comprises a sending time and an effective time limit, and the decryption method further comprises the following steps:
capturing a current time of the reception device;
calculating a time difference according to the current time and the sending time;
comparing the time difference with the effective time limit; and
determining that the security information has not exceeded the effective time limit when the time difference is less than or equal to the effective time limit;
wherein the step of executing the information content is performed only when the security information has not been tampered with and the security information has not exceeded the effective time limit.
10. The decryption method for security information as claimed in claim 9, characterized by further comprising the following step:
discarding the security information when any one of the following conditions holds: the security information is not in the information format supported by the reception device, the reception device does not have the decryption key, the security information has been tampered with, or the effective time limit has been exceeded.
11. The decryption method for security information as claimed in claim 7, characterized in that the verification code comprises a first verification section and a second verification section, and the time code and the information content are located between the first verification section and the second verification section.
12. The decryption method for security information as claimed in claim 7, characterized in that the sum of the numbers of digits of the first verification section and the second verification section is a fixed value, and the number of digits of each of the first verification section and the second verification section can be flexibly adjusted.
13. A reception device for receiving security information, characterized by comprising:
a receiving unit, which receives the security information and confirms that an information format of the security information is supported by the reception device, wherein the security information comprises a non-encrypted field and an encrypted field;
a processing unit, which decrypts the encrypted field in the security information with a decryption key to obtain a verification code, a time code and an information content, and confirms, according to the verification code, the time code and the information content, that the security information has not been tampered with; and
an execution unit, which executes the information content after it is confirmed that the security information has not been tampered with.
14. The reception device for receiving security information as claimed in claim 13, characterized in that the receiving unit confirms, by means of the non-encrypted field, whether the information format of the security information is supported by the reception device.
15. The reception device for receiving security information as claimed in claim 13, characterized in that the processing unit performs an encryption operation on the time code and the information content to obtain a check code, and then compares whether the check code matches the verification code to confirm that the security information has not been tampered with.
16. The reception device for receiving security information as claimed in claim 15, characterized in that the encryption operation is a CRC operation.
17. The reception device for receiving security information as claimed in claim 13, characterized in that the time code comprises a sending time and an effective time limit, and the processing unit further captures a current time of the reception device, calculates a time difference according to the current time and the sending time, and confirms according to the time difference that the security information has not exceeded the effective time limit; wherein the execution unit executes the information content only after it is confirmed that the time difference is less than or equal to the effective time limit and that the security information has not been tampered with.
18. The reception device for receiving security information as claimed in claim 13, characterized in that when the receiving unit confirms that the information format of the received security information is not supported by the reception device, the security information is discarded.
19. The reception device for receiving security information as claimed in claim 13, characterized in that when the processing unit cannot decrypt the security information, the security information is discarded.
20. The reception device for receiving security information as claimed in claim 13, characterized in that the verification code comprises a first verification section and a second verification section, and the time code and the information content are located between the first verification section and the second verification section.
21. The reception device for receiving security information as claimed in claim 13, characterized in that the sum of the numbers of digits of the first verification section and the second verification section is a fixed value, and the number of digits of each of the first verification section and the second verification section can be flexibly adjusted.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610122091.5A CN107154920B (en) | 2016-03-04 | 2016-03-04 | Encryption method and decryption method for security information and receiving device for receiving security information |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107154920A (en) | 2017-09-12 |
CN107154920B (en) | 2021-07-13 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||